This invention relates to cryptographic file security techniques in a multiple domain data processing system and, more particularly, to a file security system for data files created at a first host system in one domain and recovered at a second host system in another domain of a multiple domain data processing system where each host system includes a data security device which permits crytographic operations to be performed in the creation and recovery of a data file.
With the increasing number of computer end users, sharing of common system resources such as files, programs and hardware and the increasing use of distributed systems and telecommunications, larger and more complex computer base information systems are being created. In such systems, an increasing amount of sensitive data may be stored on data files for long periods of time. Because of this fact, there is an increasing concern that such data files may become accessible to unauthorized persons if maintained for too long a period of time. Cryptography has been recognized as an effective data security measure in that it protects the data itself rather than the media on which it is stored.
Cryptography deals with methods by which message data called cleartext or plaintext is encrypted or enciphered into unintelligible data called ciphertext and by which the ciphertext is decrypted or deciphered back into the plaintext. The encipherment/decipherment transformations are carried out by a cipher function or algorithm controlled in accordance with a cryptographic or cipher key. The cipher key selects one out of many possible relationships between the plaintext and the ciphertext. Various algorithms have been developed in the prior art for improving data security in data processing systems. Examples of such algorithms are described in U.S. Pat. No. 3,796,830 issued Mar. 12, 1974 and U.S. Pat. No. 3,798,359 issued Mar. 19, 1974. Another more recent algorithm providing data security in data processing systems is described in U.S. Pat. No. 3,958,081 issued May 18, 1976. This algorithm was adopted by the National Bureau of Standards as a data encryption standard (DES) algorithm and is described in detail in the Federal Information Processing Standards publication, Jan. 15, 1977, FIPS PUB 46.
A data processing system may consist of a single host system which includes a host processor, host memory, channel and its associated resources such as the host programs and locally attached terminals and data files. The domain of the host system is considered to be the set of resources known to and managed by the host system.
Cryptographic File Security in a data processing system is concerned with the protection of a data file which is stored in a storage media for a relatively long period of time or when stored in a portable storage media for transporting outside the environment of the data processing system. In prior art cryptographic file security arrangements, when sensitive data is to be stored in a storage media, a cryptographic facility provided at the host system is invoked to encipher the data, using a cipher key known only to the user, after which the enciphered data file is written to the storage media. Since the enciphered data file must be read and deciphered for subsequent data processing operations, it is necessary to use the same cipher key for the decipher operation. Accordingly, file security is dependent solely on the security of the cipher key since obtaining a copy of the enciphered data file by unauthorized means or by theft of the data file by unauthorized persons will be of no avail to anyone unless he has knowledge of the cipher key used to encipher the data file. File Security, therefore, becomes dependent solely on the user's knowledge and his own actions in keeping the cipher key secret. If the stored information is shared between many users then the security of the data file is further weakened. If the cipher key is stored in the system, especially for long periods of time, a method of controlled access must be devised to assure its suitable protection. Furthermore, if the cipher key becomes known by an unauthorized person and the enciphered data file is stolen or a copy made, then total protection is lost and the data file may be recovered at any data processor which has a cryptographic facility.
As the size of data processing systems increases, other host systems may be joined to form a multiple domain processing system with each host system having knowledge of and managing its associated resources which make up a portion or domain of the processing system. With the increasing size of such systems, greater use is being made of portable storage media where a data file created at a host system in one domain is transported for recovery at a host system in another domain of the multiple domain processing system. Because of the fact that an increasing number of such portable storage media is being transported from one domain to another, there is an increasing need to provide file security for such data files.
Accordingly, it is an object of the invention to provide file security for data files created in one domain and recovered in another domain of a multiple domain data processing system.
Another object of the invention is to maintain the security of data files created by a first host system and recovered by a second host system.
A further object of the invention is to provide a host system cryptographic facility for creating a data file for recovery at another host system in a secure manner.
Still another object of the invention is to provide a host system cryptographic facility operating under control of secure host keys for creating a data file for recovery at another host system without the need for revealing the host keys of the creating host system to the other host system.
Still a further object of the invention is to provide a cross domain key which allows cross domain file communication of data files between host systems in different domains of a data processing system.
Still another object of the invention is to provide a cross domain key which is known by a host system which creates a data file and the host system which recovers the data file.
Still a further object of the invention is to maintain the security of cross domain keys by protecting them under a host key encrypting key.
Still another object of the invention is to protect a cross domain key under a key encrypting key of a host system which creates a data file and under a different key encrypting key of a host system which recovers the data file.
Still a further object of the invention is to protect the cross domain key used when creating a data file for recovery at another host system by a first host key encrypting key used when recovering a data file created at another host system by a first host key encrypting key and to protect the cross domain key used when recovering a data file created at the other host system by a second host key encrypting key.
Still another object of the invention is to create a secure data file in one domain of a multiple domain data processing system which is only recoverable at a specific other domain of the system.
Still a further object of the invention is to provide a file recovery key for a secure data file created in one domain of a multiple domain data processing system which permits recovery of the secure data file at another domain of the system.
Still another object of the invention is to provide a file recovery key as header information for a secure data file.
Still a further object of the invention is to maintain a file recovery key for a secure data file as a private key.
Still another object of the invention is to encipher file data under an operational key to obtain a secure data file and to provide a file recovery key for the secure data file which consists of the operational key enciphered under a cross domain key known at different domains of a multiple domain data processing system.
Still a further object of the invention is to provide an irreversible transformation function for creating a file recovery key for a secure data file created at a host system in one domain to permit recovery of the secure data file at a host system in another domain of a multiple domain data processing system.
Still another object of the invention is to recover a file recovery key used for recovery of a secure data file at a host system in one domain and replace it with a file recovery key used for recovery of the data file at a host system in another domain of a multiple domain data processing system.
Still a further object of the invention is to provide a private cross domain key which allows cross domain file communication of a private data file between host systems in different domains of a data processing system.
In accordance with the invention, a multiple domain data processing system is provided in which each domain includes a host system with an integrated data security device and associated data files to permit cryptographic data transmissions between the host and the associated data files. The data security devices of the host systems include a memory for storing a master key and cryptographic apparatus for ciphering input data under control of a cryptographic key to produce ciphered output data. For cross-domain file communication between the host system in one domain and the host system in another domain, the host data security device of each host system generates a random number which is defined as a cross domain key for cross domain file communication between the two host systems and is communicated in a secure manner to the other host system. The cross-domain key generated at each host system is protected at that host system by encipherment under a first key encrypting key and stored in enciphered form as a sending cross-domain key while the cross-domain key received at that host system from the other host system is protected by encipherment under a second key encrypting key and stored in enciphered form as a receiving cross-domain key. When a data file is to be created at the host system in one domain and recovered at the host system in another domain, the host data security device of the originating host system generates a random number which is defined as being a primary file key enciphered under the host master key of the originating host system. The originating host system data security device then performs a transformation operation in accordance with the enciphered sending cross-domain key and the enciphered file key to reencipher the file key from encipherment under the originating host master key to encipherment under the sending cross-domain key as a file recovery key for recovery of the data file at the host system of the other domain. The originating host system data security device then performs an encipher operation in accordance with the primary file key enciphered under the host master key and host system plaintext to obtain host system plaintext enciphered under the primary file key as host system ciphertext for the data file. The file recovery key may be provided as header information or maintained as a private key for the data file. When the data file is to be recovered at the receiving host system in the other domain, the receiving host data security device performs a transformation function in accordance with the enciphered receiving cross-domain key stored at the receiving host system and the file recovery key obtained as header information or inputted as a private key to reencipher the primary file key from encipherment under the sending cross-domain key to encipherment under the host master key of the receiving host system. The receiving host system data security device then performs a decipher operation in accordance with the primary file key enciphered under the receiving host system master key and the data file of host system ciphertext to obtain the host system ciphertext in clear form at the receiving host system.
Other arrangements are also provided which permit a variety of file security applications in a multiple domain data processing system. In one such application, where a secure data file is created having a file recovery key which allows recovery of the data file at the originating host system, an arrangement is provided by which the file recovery key is recovered and replaced with a file recovery key which allows recovery at a host system in another domain of the data processing system. Additionally, a further arrangement is provided which allows a file security application using a pre-defined private cross-domain key for private data files.
The foregoing and other objects, features and advantages of the invention will be apparent from the following particular description of a preferred embodiment of the invention, as illustrated in the accompanying drawings.